I have a server at a COLO. I have a checkpoint firewall in place with VPN access. I'm able to establish a VPN tunnel to the firewall and ping the server behind the firewall. However, I'm unable to access or FTP to the server, connect to the server using RDC (the server is configured to allow remote connections), and I'm unable to connect to the server in order to administer the server using TightVNC (server services are running, and configured correctly).

This is a new Dell server with a fresh install of Server 2003 R2, no internal firewall running (ICS services not running and disabled), and no third-party firewall configured on the machine.

I can receive ping replies back from the server... just unable to access the server for remote administration.

Ideas? This is an emergency project, I've assigned 500 points to this question.

Depending on where your VPN tunnel terminates you might have to put some rules in place within Checkpoint to allow these things. This is true if the tunnel terminates on the outside interface of the firewall.

I don't have access to the Checkpoint firewall; the ISP configured the firewall and VPN for us. They're telling us that once we connect using the VPN, all ports are open and traffic will flow with no problems. Is that true? I'm not familiar with the Checkpoint firewalls and VPN solution.

I've been told that the rules are in place and that the only thing allowed through our VPN is port 3389 for RDC. After establishing the VPN tunnel and initiating an RDC connection to our IP address, I receive the error "the connection to the server cannot be established". We do not have an internal firewall on the server at this point.

In the past all I've had to do is open port 3389 and point it to the internal server which I would like to connect to remotely from the outside world.

This is enabled under > system properties > remote > Enable Remote Desktop on this computer.

Is this correct, or do I have to configure Terminal Services on Server 2003 in order to use RDC through the VPN?

No, you don't need to configure Terminal Services. Simply right-click on My Computer, select Properties, select the Remote tab and check the box at the bottom for "Enable Remote desktop on this computer".

No, I can't, and there are two NICs; one is disabled. I have since removed the IP address of the NIC I was using and have enabled the other NIC and entered the IP address I was previously using. Still nothing.

When I do a netstat -a I can see the port 3389 but it's not bound to an IP address:

The problem seems to be the firewall and passing the 3389 traffic to the IP/machine behind the firewall. I've created a segmented LAN and I'm able to RDP with no issues. I've also been able to use the LAN side of the firewall and RDP behind the firewall. Seems the issue is still with the VPN connection and the traffic passing through the VPN / firewall.

At this point I've pushed the issue back to the COLO who's managing our firewall. Thank you for your help, and as we both stated at the beginning of this thread... RDP isn't that complicated.
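
The symptom in this thread (ping replies arrive, TCP services do not) can be narrowed down from the VPN client side by checking how each TCP port fails. The script below is an added example, not something posted in the thread; the host address is a placeholder, and 5900 is assumed as the VNC port (TightVNC's default).

```python
import socket

# Services named in the thread; 5900 is assumed (TightVNC's default port).
PORTS = {21: "FTP", 3389: "RDP", 5900: "VNC"}

def probe(host, port, timeout=3.0):
    """Classify one TCP port by how the connection attempt ends."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"          # three-way handshake completed
    except ConnectionRefusedError:
        return "refused"           # RST came back: host or a rejecting firewall
    except socket.timeout:
        return "filtered"          # SYN silently dropped somewhere on the path
    except OSError as exc:
        return "error: %s" % exc   # e.g. no route / ICMP unreachable

def diagnose(host, ports=PORTS, timeout=3.0):
    """Probe every port and return {port: state}."""
    return {port: probe(host, port, timeout) for port in ports}

def interpret(results):
    """Turn the per-port states into a likely fault location."""
    states = set(results.values())
    if states == {"filtered"}:
        return "no TCP replies: traffic is dropped on the path (VPN/firewall rules)"
    if "open" in states:
        return "some ports answer: compare the open ports with the firewall rule set"
    if states == {"refused"}:
        return "resets received: the host answers but nothing accepts on these ports"
    return "mixed results: inspect each port"

if __name__ == "__main__":
    host = "192.0.2.10"  # placeholder (TEST-NET-1); use the server's address
    results = diagnose(host)
    for port, state in sorted(results.items()):
        print("%-4s %5d  %s" % (PORTS[port], port, state))
    print(interpret(results))
```

Run it once over the VPN and once from the LAN side of the firewall: ports that are "open" on the LAN but "filtered" over the VPN point at the tunnel or firewall policy rather than at the server.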